326 matches found
MGASA-2020-0167 Updated mediawiki packages fix security vulnerability
Updated mediawiki packages fix security vulnerability: In MediaWiki before 1.31.7, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because...
CVE-2019-9820
A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...
CVE-2020-10960
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event handler ...
makeCollapsible allows applying event handler to any CSS selector
More info at https://phabricator.wikimedia.org/T246602...
mediawiki -- multiple vulnerabilities
Mediawiki reports: Security fixes: T246602: jquery.makeCollapsible allows applying event handler to any CSS selector...
XStream Library Insecure Deserialization (CVE-2019-10173)
An insecure serialization vulnerability exists in XStream Library. The vulnerability is due to insufficient validation of event handler type in user-supplied XML data. A remote attacker could exploit this vulnerability by sending specially crafted XML file to the affected application. Successful...
CVE-2019-10480
Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...
MGASA-2019-0340 Updated libreoffice packages fix security vulnerabilities
Updated libreoffice packages fix security vulnerabilities: LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphi...
NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0158)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute. (CVE-2019-7317) - If a...
WebKit - UXSS via XSLT and Nested Document Replacements
VULNERABILITY DETAILS https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/xml/XSLTProcessor.cpp#L66 Ref<Document> XSLTProcessor::createDocumentFromSource(const String& sourceString, const String& sourceEncoding, const String& sourceMIMEType, Node* sourceNode, Frame* frame) Ref...
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability iterating(&iterating_listeners_, true); for (auto& listener_ref : availability_listeners_) { auto* listener = listener_ref.get(); if (!listener->urls.Contains(url)) continue; auto screen_availabilit...
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability
iterating(&iterating_listeners_, true); for (auto& listener_ref : availability_listeners_) { auto* listener = listener_ref.get(); if (!listener->urls.Contains(url)) continue; auto screen_availability = GetScreenAvailability(listener->urls); DCHECK(screen_availability != mojom::blink::ScreenAvailability::UNKNOWN); for auto...
Design/Logic Flaw
A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...
CVE-2019-9820
The CVE-2019-9820 issue is a use-after-free in the ChromeEventHandler by DocShell that can cause a crash in Thunderbird and Firefox (including ESR). Affected products and versions, per sources: Thunderbird < 60.7, Firefox < 67, and Firefox ESR